Supplementary groups to which the rsync daemon belongs (such as
root) were not removed from the server process before it performed
work as an unprivileged uid and gid. The rsync daemon was also
compiled with a vulnerable version of the zlib library. This
package corrects both these issues.

2. Vulnerable Supported Versions

System Package
-----------------------------------------------------------

Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on this website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera products.